There are three interconnected challenges, touching Lambda, EC2, RDS, and multiple IAM profiles.
Only one flag exists, but obtaining it requires chaining three services in sequence:
Hack Lambda → Hack EC2 → Hack RDS Snapshot
All resources are located in the us-east-1 region.
Before starting, confirm that the AWS CLI profile securitymaster exists.
Verification command
aws sts get-caller-identity --profile securitymaster
This command returns the AWS account details for the selected profile, ensuring it is configured correctly.
Identify the Lambda function, inspect its source code, and invoke it correctly to obtain the next set of credentials.
Start with the IAM user geralt.
Initial information is available at:
https://aws-masterclass-data.s3.amazonaws.com/session10/session10-start-here.txt
aws configure --profile session10level1
This command registers the initial IAM user credentials locally, allowing AWS CLI commands to run under this identity.